Skip to content

Update README, containers, CI for software.eessi.io #93

Update README, containers, CI for software.eessi.io

Update README, containers, CI for software.eessi.io #93

name: Build and publish EESSI container images
on:
push:
branches:
- main
paths:
- containers/Dockerfile.EESSI-*
- containers/build-or-download-cvmfs-*.sh
pull_request:
branches:
- main
paths:
- containers/Dockerfile.EESSI-*
- containers/build-or-download-cvmfs-rpm.sh
# also rebuild the containers for new releases of filesystem-layer:
# this often means that we have a new CVMFS configuration package
release:
types: [published]
# Declare default permissions as read only.
permissions: read-all
jobs:
build_and_publish:
name: Build and publish image
runs-on: self-hosted
timeout-minutes: 720
permissions:
packages: write
contents: read
strategy:
matrix:
tag: ['client:centos7', 'build-node:debian11']
platform: [amd64, arm64, ppc64le]
steps:
- name: Check out the repo
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
- name: Set up QEMU
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
- name: Cache Docker layers
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ matrix.platform }}-${{ matrix.tag }}
restore-keys: |
${{ runner.os }}-buildx-${{ matrix.platform }}-${{ matrix.tag }}
- name: Login to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Convert and store repository owner in lowercase, replace colon in tag names by hyphen
run: |
echo REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
tag=${{ matrix.tag }}
echo DOCKERFILE=Dockerfile.EESSI-${tag//:/-} >> $GITHUB_ENV
- name: Build and push to GitHub Packages
uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 #v3.2.0
with:
tags: ghcr.io/${{ env.REPOSITORY_OWNER }}/${{ matrix.tag }}-${{ matrix.platform }}
file: containers/${{ env.DOCKERFILE }}
platforms: linux/${{ matrix.platform }}
push: ${{ github.event_name != 'pull_request' }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
create_manifest:
name: Create the Docker manifest
needs: build_and_publish
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
strategy:
matrix:
tag: ['client:centos7', 'build-node:debian11']
steps:
- name: Login to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Convert and store repository owner in lowercase
run: |
echo REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
- name: Run docker manifest
if: github.event_name != 'pull_request'
run: |
docker manifest create \
ghcr.io/${{ env.REPOSITORY_OWNER }}/${{ matrix.tag }} \
--amend ghcr.io/${{ env.REPOSITORY_OWNER }}/${{ matrix.tag }}-amd64 \
--amend ghcr.io/${{ env.REPOSITORY_OWNER }}/${{ matrix.tag }}-arm64 \
--amend ghcr.io/${{ env.REPOSITORY_OWNER }}/${{ matrix.tag }}-ppc64le
- name: Push manifest
if: github.event_name != 'pull_request'
run: docker manifest push ghcr.io/${{ env.REPOSITORY_OWNER }}/${{ matrix.tag }}